Cisco Bug: CSCup48974 - Apache Tomcat Vulnerabilities

Last Modified

Jan 30, 2020

Products (1)

  • Cisco Security Manager

Known Affected Releases

  • 4.4(0)SP2(3)
  • 4.5(0)SP0(1)
  • 4.5(0)SP0(3)
  • 4.6(0)SP1

Description (partial)

Symptoms:
Cisco Security Manager includes a version of Apache Tomcat that is affected by the vulnerabilities identified
by the following Common Vulnerabilities and Exposures (CVE) IDs:

CVE-2013-4286: Apache Tomcat before 6.0.39, 7.x before 7.0.47, and 8.x before 8.0.0-RC3, when an HTTP
connector or AJP connector is used, does not properly handle certain inconsistent HTTP request headers, which
allows remote attackers to trigger incorrect identification of a request's length and conduct
request-smuggling attacks via (1) multiple Content-Length headers or (2) a Content-Length header and a
"Transfer-Encoding: chunked" header. NOTE: this vulnerability exists because of an incomplete fix for
CVE-2005-2090. This has been classified by the vendor as having a CVSSv2 score of 5.8
(AV:N/AC:M/AU:N/C:P/I:P/A:N)
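The two ambiguous header combinations named for CVE-2013-4286 are easy to screen for in front of, or upstream of, an unpatched Tomcat. The following is an added example written for this page, not code from the Cisco bug or the Tomcat project; the function names, verdict strings and the constructed sample request heads in SAMPLES are the example's own.

```python
# Added example, not from the Cisco bug page or the Tomcat project: a small
# HTTP/1.1 request-framing validator a defender can run over captured request
# heads, or use in a front-end filter, to flag the two ambiguous header
# combinations behind CVE-2013-4286 before a vulnerable Tomcat sees them.

def parse_headers(raw: bytes) -> list[tuple[str, str]]:
    """Split a raw request head into (lower-cased name, stripped value) pairs."""
    head = raw.split(b"\r\n\r\n", 1)[0]
    pairs = []
    for line in head.split(b"\r\n")[1:]:  # element 0 is the request line
        if not line:
            continue
        name, sep, value = line.partition(b":")
        if not sep:
            raise ValueError(f"malformed header line: {line!r}")
        pairs.append((name.strip().lower().decode("latin-1"),
                      value.strip().decode("latin-1")))
    return pairs

def framing_verdict(raw: bytes) -> str:
    """Classify how the request signals its body length.

    Returns "ok", or "content-length-and-chunked" (CVE-2013-4286 condition 2),
    "multiple-content-length" (condition 1, including a comma-joined "5, 5"),
    or "bad-content-length". RFC 7230 s3.3.3 says reject everything but "ok".
    """
    headers = parse_headers(raw)
    cl = [v for n, v in headers if n == "content-length"]
    te = [v for n, v in headers if n == "transfer-encoding"]
    chunked = any("chunked" in v.lower() for v in te)
    if cl and chunked:
        return "content-length-and-chunked"
    if len(cl) > 1 or (cl and "," in cl[0]):
        return "multiple-content-length"
    if cl and not cl[0].isdigit():
        return "bad-content-length"
    return "ok"

# Constructed sample request heads (not captured traffic) for a quick check.
SAMPLES = {
    b"POST / HTTP/1.1\r\nContent-Length: 5\r\n\r\nhello": "ok",
    b"POST / HTTP/1.1\r\nContent-Length: 5\r\nContent-Length: 0\r\n\r\n": "multiple-content-length",
    b"POST / HTTP/1.1\r\nContent-Length: 5\r\nTransfer-Encoding: chunked\r\n\r\n": "content-length-and-chunked",
}

def all_samples_classified() -> bool:
    """True when every constructed sample gets the verdict listed beside it."""
    return all(framing_verdict(r) == v for r, v in SAMPLES.items())
```

A request that is rejected here is one whose length different HTTP parsers may read differently, which is the whole basis of the smuggling described above.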

CVE-2013-4322: Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 processes chunked
transfer coding without properly handling (1) a large total amount of chunked data or (2) whitespace
characters in an HTTP header value within a trailer field, which allows remote attackers to cause a denial of
service by streaming data. NOTE: this vulnerability exists because of an incomplete fix for
CVE-2012-3544. This has been classified by the vendor as having a CVSSv2 score of 4.3
(AV:N/AC:M/AU:N/C:N/I:N/A:P)

CVE-2013-4590: Apache Tomcat before 6.0.39, 7.x before 7.0.50, and 8.x before 8.0.0-RC10 allows attackers to
obtain "Tomcat internals" information by leveraging the presence of an untrusted web application with a
context.xml, web.xml, *.jspx, *.tagx, or *.tld XML document containing an external entity declaration in
conjunction with an entity reference, related to an XML External Entity (XXE) issue. This has been classified
by the vendor as having a CVSSv2 score of 4.3 (AV:N/AC:M/AU:N/C:P/I:N/A:N)

CVE-2014-0033: org/apache/catalina/connector/CoyoteAdapter.java in Apache Tomcat 6.0.33 through 6.0.37 does
not consider the disableURLRewriting setting when handling a session ID in a URL, which allows remote
attackers to conduct session fixation attacks via a crafted URL. This has been classified by the vendor as
having a CVSSv2 score of 4.3 (AV:N/AC:M/AU:N/C:P/I:N/A:N)

This bug was opened to address the potential impact on this product.

Conditions:
Device with default configuration.